OAuth for self-hosted instance (by making clientID configurable

Problem to solve

I want to authenticate with OAuth (web) to my self hosted GitLab instance so I can manage it without clicking around tediously for PATs.

It would probably work if the clientID was not hardcoded in the tool code:

const clientID = "41d48f9422ebd655dd9cf2947d6979681dfaddc6d0c56f7628f6ada59559af1e"

This results in oauth call:

https://gitlab.example.com/oauth/authorize?client_id=41d48f9422ebd655dd9cf2947d6979681dfaddc6d0c56f7628f6ada59559af1e&redirect_uri=http://localhost:7171/auth/redirect&response_type=code&state=TUwti3vlk5TLhimzn33W3XaQHBNx0z0U9rtvOmgxXaVpN&scope=openid%20profile%20read_user%20write_repository%20api&code_challenge=LoI1oZKCxeuAZkDt-d9Iej2md2PL7rN77f5CKSGveaw&code_challenge_method=S256

Proposal

Simply make the clientId configurable with glab config set oauth_client_id or some such.

Then I can

glab config set -g host gitlab.example.com
glab config set -g oauth_client_id 123myownclientid
glab auth login

And be happy

Further details

Making the oauth_client_id follow the common config, one could set different ones per host, making it possible for the same tool to manage multiple gitlab instances including gitlab.com

Links / references

Edited May 18, 2023 by Jo Cutajar

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information